Solved

Cisco VPN static-to-dynamic

Posted on 2013-01-17
7
423 Views
Last Modified: 2013-04-26
Hi,
On my PIX v.8 I have already site to site vpns configured, and I have too remote access vpn configured, what I need to configure now is another vpn with a remote site with dynamic ip.
The remote site has Cisco 877 Router, on it, I already configured the crypto stuff and access list, but I don't know how to configure this new vpn on the PIX adding it to the others already configured.
Any help will be appreciated.
0
Comment
Question by:arefone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 95

Expert Comment

by:John Hurst
ID: 38787036
Site to site normally requires static IP addressing. There are two approaches:

1. Use DynDNS to provide a static address even though your remote site changes.  

http://dyn.com/dns/

2. If the remote IP address changes infrequently (not more frequently that once a year) then just use the address and change when needed. I use this approach for my home office site to site tunnels.

.... Thinkpads_User
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 500 total points
ID: 38787090
0
 
LVL 1

Author Comment

by:arefone
ID: 38787148
I tried already that doc, it did not work, when I try to issue the command "tunnel-group DefaultL2LGroup general-attributes
   authentication-server-group none" on the pix, it tells that no "authentication-server-group none" option available.
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 
LVL 18

Expert Comment

by:fgasimzade
ID: 38787159
Just dont use this option. The configuration described there is 100% working
0
 
LVL 1

Author Comment

by:arefone
ID: 38787200
Sorry Fgasimzade, can you post me the configs I need to implement on my pix without having all the stuff I don't need so it helps better?
0
 
LVL 1

Expert Comment

by:Xvidalx
ID: 38788596
yessss.. configs and logs... will help
0
 
LVL 1

Author Closing Comment

by:arefone
ID: 39115112
with "tunnel-group DefaultL2LGroup ipsec-attributes" command on PIX it worked.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
QoS on Cisco router 10 60
Cisco router 4400 and switch connection. 27 82
Turning Verizon Fios Router into a Bridge? 28 128
Cisco SRST questions 5 56
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question